tiktok-product-research

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill correctly manages sensitive credentials by retrieving NEXSCOPE_API_KEY and NEXSCOPE_PROXY_BASE from environment variables rather than hardcoding them.
  • [COMMAND_EXECUTION]: The skill uses a Python script (scripts/tiktok_product_research.py) to handle API interactions. The script utilizes standard libraries (urllib.request) and does not involve any unsafe command execution, shell spawning, or privilege escalation.
  • [EXTERNAL_DOWNLOADS]: The script performs network requests to the author's specified proxy endpoint. This communication is restricted to the purpose of the skill and does not involve downloading or executing arbitrary remote code.
  • [DATA_EXFILTRATION]: No evidence of data exfiltration was found. The skill only transmits user-defined search parameters to the vendor's API proxy.
  • [PROMPT_INJECTION]: The instructions in SKILL.md are standard and do not contain any attempts to override safety filters or hijack agent behavior.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 28, 2026, 07:05 AM